Apply "source" attribute to jobs initiated by scan execution policy
When an SEP job is created, set the source value to scan_execution_policy
Some time ago our team had similar challenge in Set policies CI variables with the highest prec... (!135359 - merged)
SEP jobs are created/prepared in 2 places:
- when
scheduled
Scan Execution Policies are used, then we executeee/app/services/security/security_orchestration_policies/create_pipeline_service.rb
, although then the whole pipeline has a source configured assecurity_orchestration_policy
, so it should be easy to setjob_source
to desired value there, as all jobs created in that service should bescan_execution_policy
type, - when regular
pipeline
Scan Execution Policies are used, then we useee/lib/gitlab/ci/config/security_orchestration_policies/processor.rb
to prepare job configuration, I believe this might be the place to setjob_source
and other desired values🤔
Edited by Nate Rosandich